How Do You Find Sql-injection?

cjm1504
How do you find SQL-Injection vulnerable scripts? Do you just try entering ' or %2527 in every edit box you can find, or do you parse open source code to find vulnerable scripts?

If there are any tutorials on this (finding the vulnerabilities, maybe even some which describe how to avoid prevention measures) I would appreciate it if you could post a link or two.

Reply

jlhaslip
I'm thinking this topic will only result in warnings and bans to those members that post information about using SQL injections to 'hack' or damage sites. And I really don't want that to happen.
Instead of taking this 'destructive' approach, I would like to suggest that the members focus on preventing SQL Injections.
Sites are never bomb-proof, but security on the web is a continuum and those sites we consider 'secure' are at one end of the continuum, by using correct and pro-active coding. Surely the members here know some of the better techniques to prevent SQL Injections and other security breaches. Let's hear them.

Here are a couple of articles as a starting point:
http://en.wikipedia.org/wiki/Cross_site_scripting
http://alistapart.com/articles/secureyourcode
http://alistapart.com/articles/secureyourcode2

Reply

rvalkass
Login pages are usually the most vulnerable area. A hacker will go there first because if they succeed then they can virtually do anything they want. Open source scripts, despite what people say, are actually very secure simply due to the number of people using them and reporting any flaws they find. If you write a script yourself, make sure to include as many checks as possible. For example, make sure a form has been submitted from your site and nowhere else, and make sure that fields contain alphanumeric characters. The safest way is, before you do anything with the submitted information, strip it of any ', ", <, > or their ASCII code equivalents. This will stop 99.9% of problems, but you have to advise people not to use them in their usernames or passwords.

Reply

Florisjuh
QUOTE(rvalkass @ Oct 19 2006, 05:44 AM)

Login pages are usually the most vulnerable area. A hacker will go there first because if they succeed then they can virtually do anything they want. Open source scripts, despite what people say, are actually very secure simply due to the number of people using them and reporting any flaws they find. If you write a script yourself, make sure to include as many checks as possible. For example, make sure a form has been submitted from your site and nowhere else, and make sure that fields contain alphanumeric characters. The safest way is, before you do anything with the submitted information, strip it of any ', ", <, > or their ASCII code equivalents. This will stop 99.9% of problems, but you have to advise people not to use them in their usernames or passwords.

I guess if you can take a look into the source code of a script it will be much easier to find bugs which can be exploited, but the positives are also there and might outweigh the disadvantages. Besides, open source coding rocks!

Reply

dhaval
I think for every input you take in, if you just convert it to HTML special chars... you'll be pretty safe, right?

htmlspecialchars($string, ENT_QUOTES);

That is what I'm doing... can that be exploited in some way?

Reply
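For the question dhaval raises, an added example (not code from this thread; Python with sqlite3 rather than PHP so it runs stand-alone) comparing a query that splices in a value escaped the way htmlspecialchars($string, ENT_QUOTES) would with one that binds the value as a query parameter. The constructed users table and the lookup_* function names are assumptions; PHP's PDO prepared statements give the same binding behaviour as the second function.

```python
import sqlite3


def make_db():
    # Constructed in-memory table standing in for a real users table.
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    con.executemany("INSERT INTO users (name, role) VALUES (?, ?)",
                    [("alice", "admin"), ("bob", "user")])
    return con


def html_escape(s):
    # Same substitutions PHP's htmlspecialchars($s, ENT_QUOTES) performs.
    # It targets HTML markup, so anything that is not one of these five
    # characters passes through untouched.
    return (s.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")
             .replace('"', "&quot;").replace("'", "&#039;"))


def lookup_by_id_escaped(con, user_id):
    # The pattern under discussion: escape, then concatenate into the SQL text.
    # In a numeric context there are no quotes to escape, so the input is
    # still interpreted as SQL.
    sql = "SELECT name FROM users WHERE id = " + html_escape(user_id) + " ORDER BY id"
    return [row[0] for row in con.execute(sql)]


def lookup_by_id_bound(con, user_id):
    # Parameter binding: the value is sent separately from the statement and
    # can only ever be compared as a value, never parsed as SQL.
    sql = "SELECT name FROM users WHERE id = ? ORDER BY id"
    return [row[0] for row in con.execute(sql, (user_id,))]


if __name__ == "__main__":
    con = make_db()
    print(lookup_by_id_escaped(con, "1"))         # ['alice']
    print(lookup_by_id_escaped(con, "1 OR 1=1"))  # ['alice', 'bob']: escaping did nothing
    print(lookup_by_id_bound(con, 1))             # ['alice']
    print(lookup_by_id_bound(con, "1 OR 1=1"))    # []: treated as a literal value
```

Escaping for HTML output and binding values into SQL are two separate defences for two separate contexts; the second one is what stops injection.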
